Budget: 3500 UAH Deadline: 2 days
Hello. I clean exactly such infections on hosting.
How I will do it:
1) I will find the source: I will scan all sites on the host for web shells and injections (eval/base64_decode/system/exec, backdoors in $_POST, fresh/foreign php files), check for cross-contamination (shared users/permissions, access between sites) and the entry point (vulnerable plugin/script, leaked access).
2) I will remove the malware, clean the infected files/databases.
3) I will close the hole: updates, file permissions, changing passwords/keys, removing unnecessary access.
4) I will set up simple integrity monitoring to prevent it from returning.
5) Report: what was found, where it came from, what was done.
I have worked with such cases (web shells, vulnerabilities on WP/hosting). The estimate is 3500 UAH, 1-2 days. Provide access (SSH/FTP/panel) — I will start with the audit.